7. Information and Software Assurance Management

Purpose: To serve as an independent coordination body to help manage the Information and Software (IA/SwA) Assurance validation process for commodity software resources. Various Government policies dictate the acquisition, security and maintenance of most software resources. The Trusted Code Foundation recognizes any software that has obtained government-sanctioned accreditation as “Trusted.” However, there are many commodity software assets that are currently in use, or would serve as a technical and economically efficient alternative solution for government users if the software would achieve appropriate government-sanctioned accreditation.

Objectives: To coordinate and manage the IA/SwA validation process for designated software resources.

Participants: Foundation member representatives will be responsible for identifying which commodity software assets will be candidates for appropriate validation. While Foundation members will be responsible for asset selection, funding support for the validation efforts will be open to participation from non-Foundation members.

Managed by: Administration of activities will be managed by Trusted Code staff in conjunction with public and private-sector stakeholders.

A defined roadmap for each Trusted Code Asset the provide short and long-term objectives and time lines for the updates, modification, evaluation and revalidation schedules, as well as define the technical goals and strategic objectives from both the public and private-sector technology consumers and the product and development community representatives to help both sides to best plan and apply resources to meet common long-term objectives.

Funding: Funding to support the management of IA/SwA processes will be distributed by those Foundation and non-Foundation members who have a vested interest in the successful development and validation of each Trusted Code asset.